A series of unprecedented IT outages has sent shockwaves through businesses and public services worldwide, highlighting the vulnerabilities of our interconnected digital systems. The disruptions stemmed from two separate incidents: a major Microsoft 365 service outage and a botched update of CrowdStrike’s widely used cybersecurity software.

While cloud-based services and software experienced widespread disruptions, organizations relying on on-premise servers were less affected by the outages.

Microsoft 365 Outage

On Thursday night, Microsoft experienced a significant service outage affecting users globally. Popular platforms such as Microsoft Teams, SharePoint Online, and OneDrive for Business were rendered inaccessible, causing widespread disruptions to business operations. The company identified a potential root cause related to a configuration change in their Azure backend workloads, leading to interruptions between storage and compute resources. As Microsoft worked to resolve the issue, they implemented traffic redirection efforts to gradually restore service availability.

Impact on Aviation

Perhaps the most surprising consequence of this outage was its impact on the aviation industry. Frontier Airlines, based in Denver, was forced to halt flights for over two hours due to issues with Microsoft’s online services.

CrowdStrike Update Failure

Compounding the Microsoft outage, a separate incident involving CrowdStrike’s cybersecurity software caused further disruptions. A botched update of the widely used program took down numerous computer systems at businesses and public services globally. CrowdStrike CEO George Kurtz confirmed that the fault had been identified and a fix deployed, emphasizing that it was not a cyberattack.

Widespread Impact

The cascading failures affected a broad range of sectors and services, including:

  • Airlines (United Airlines, Frontier Airlines)
  • Fast food chains (McDonald’s)
  • Financial institutions
  • Healthcare systems
  • Public transportation (New York subway)
  • Airports (Singapore, Zurich)

Scale and Significance

The scale of this disruption reflects the ubiquity of Microsoft Windows and the widespread adoption of CrowdStrike’s security software. Windows is installed on more than 70% of machines globally, while CrowdStrike is the world leader in modern corporate protection software. Troy Hunt, an Australian security consultant, went as far as to call it “the largest IT outage in history”.

Market Reaction

The outages had a significant impact on the stock market, with shares in CrowdStrike dropping 20% and Microsoft falling 2.9%.

Persistent Issues

Microsoft has now experienced its third major outage this year. In early March, Exchange Online users were affected by a global service disruption. Previously, in January, a similar widespread interruption occurred when a router IP address change caused packet forwarding issues between routers in Microsoft’s Wide Area Network (WAN). This earlier incident resulted in a global shutdown of multiple Microsoft 365 services. These recurring outages highlight the ongoing challenges Microsoft faces in maintaining the stability of its cloud-based services.

Users are advised to stay informed by checking Microsoft’s official status pages for the most up-to-date information on service availability.

Lessons Learned

These incidents serve as a stark reminder of the critical importance of robust IT infrastructure, effective disaster recovery plans, and the need for businesses to diversify their technology dependencies.

It’s crucial for organizations to reassess their IT strategies, implement redundancy measures, and prepare for potential large-scale outages that can have far-reaching consequences across industries and geographical boundaries.
